From a31444c0192891f76398568d2752e94a7a371f2e Mon Sep 17 00:00:00 2001
From: Leonardo Arena <rnalrd@alpinelinux.org>
Date: Thu, 7 May 2020 12:39:09 +0000
Subject: main/sqlite: security fix (CVE-2020-11655)

ref #11508
---
 main/sqlite/APKBUILD             |  8 ++++++--
 main/sqlite/CVE-2020-11655.patch | 24 ++++++++++++++++++++++++
 2 files changed, 30 insertions(+), 2 deletions(-)
 create mode 100644 main/sqlite/CVE-2020-11655.patch

diff --git a/main/sqlite/APKBUILD b/main/sqlite/APKBUILD
index 44425f92f8..4bf71c2d81 100644
--- a/main/sqlite/APKBUILD
+++ b/main/sqlite/APKBUILD
@@ -2,7 +2,7 @@
 # Contributor: Łukasz Jendrysik <scadu@yandex.com>
 pkgname=sqlite
 pkgver=3.28.0
-pkgrel=2
+pkgrel=3
 pkgdesc="C library that implements an SQL database engine"
 url="https://www.sqlite.org/"
 arch="all"
@@ -34,9 +34,12 @@ source="https://www.sqlite.org/2019/$pkgname-autoconf-$_ver.tar.gz
 	CVE-2019-16168.patch
 	CVE-2019-19242.patch
 	CVE-2019-19244.patch
+	CVE-2020-11655.patch
 	"
 
 # secfixes:
+#   3.28.0-r3:
+#     - CVE-2020-11655
 #   3.28.0-r2:
 #     - CVE-2019-19242
 #     - CVE-2019-19242
@@ -115,4 +118,5 @@ sha512sums="e800c0d9e6c8c01ccf1d714c6c4da4b98e9610c4c06557dda6393d0792a8ae097887
 5bde14bec5bf18cc686b8b90a8b2324c8c6600bca1ae56431a795bb34b8b5ae85527143f3b5f0c845c776bce60eaa537624104cefc3a47b3820d43083f40c6e9  license.txt
 db937bc87068b486e5163a5493acba2d7b89aa6b45d55cbc1c8b53e6889c53e6be060997f340dfad44c3df328c7891b49277f56299a9531248381a214fb4079d  CVE-2019-16168.patch
 e0cbb73e56cfd37cb5fbc5b003a40d1853fb527a63319ff78dbcd9d15d9469f75451f4abd572d5a2a1e936c8739f8f031428090b48368f28f97ba6fbf0654dbe  CVE-2019-19242.patch
-e7982014a62b4fa465918fd65384cec406ea09598f3e0511eb2b68f618983b2f29a932267397aff9b88b97367dc8e05c4074fa8e276e3f4294ac019df498a724  CVE-2019-19244.patch"
+e7982014a62b4fa465918fd65384cec406ea09598f3e0511eb2b68f618983b2f29a932267397aff9b88b97367dc8e05c4074fa8e276e3f4294ac019df498a724  CVE-2019-19244.patch
+c9d9f440543fa59fb4cb75d069b69adcccfdeb1c31bc9bd8d2f27b178013ea72934f6301d3df28e37a67cb6dbc38b2fc7bf87bacd93d756a62f3bf59a52ab3f2  CVE-2020-11655.patch"
diff --git a/main/sqlite/CVE-2020-11655.patch b/main/sqlite/CVE-2020-11655.patch
new file mode 100644
index 0000000000..ee58cf62e8
--- /dev/null
+++ b/main/sqlite/CVE-2020-11655.patch
@@ -0,0 +1,24 @@
+From 660733d19a17c9927275dbcde537d12531a8d121 Mon Sep 17 00:00:00 2001
+From: Leonardo Arena <rnalrd@alpinelinux.org>
+Date: Thu, 7 May 2020 12:37:05 +0000
+Subject: [PATCH] CVE-2020-11655
+
+---
+ sqlite3.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/sqlite3.c b/sqlite3.c
+index 55dc686..f0ccb2d 100644
+--- a/sqlite3.c
++++ b/sqlite3.c
+@@ -133217,6 +133217,7 @@ static void resetAccumulator(Parse *pParse, AggInfo *pAggInfo){
+   struct AggInfo_func *pFunc;
+   int nReg = pAggInfo->nFunc + pAggInfo->nColumn;
+   if( nReg==0 ) return;
++  if( pParse->nErr ) return;
+ #ifdef SQLITE_DEBUG
+   /* Verify that all AggInfo registers are within the range specified by
+   ** AggInfo.mnReg..AggInfo.mxReg */
+-- 
+2.26.0
+
-- 
cgit v1.2.3